CVE-2018-11759 vulnerability in mod_jk - Apache in SPS

Article ID: 125268

Updated On: 01-18-2023

Products

CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On SITEMINDER

Issue/Introduction

 

A vulnerability scan reported that CVE-2018-11759 (1) exists in CA Access Gateway (SPS) (version 12.52 SP1 CR06).

Is there a fix for this CVE-2018-11759 in CA Access Gateway (SPS)?

 

Resolution

 

Upgrade CA Access Gateway (SPS) to 12.8SP7, which includes a fixed version of mod_jk (2).

 

Additional Information

 

(1)

    CVE-2018-11759

The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly.

    

(2)

    [IMS-SiteMinder : 12.8.07]

      Apache HTTP Server 2.4.54 : Apache License 2.0
      libapache-mod-jk 1.2.48 : Apache License 2.0
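
To confirm which mod_jk build a host actually carries after the upgrade, the following added example (not part of the original article, nor vendor or Apache tooling) extracts the version banner from a module file and checks it against the affected range 1.2.0 to 1.2.44 quoted in (1). It assumes the binary embeds a `mod_jk/<version>` banner string; the function names and the file path argument are hypothetical.

```shell
#!/bin/sh
# Added example: classify a mod_jk module file against the affected range
# from the CVE-2018-11759 description above (1.2.0 to 1.2.44 inclusive).

# Print the first version found in a "mod_jk/<x.y.z>" banner inside file $1.
# Assumption: the module embeds such a banner; prints nothing if absent.
jk_version_from_file() {
    LC_ALL=C grep -a -o 'mod_jk/[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*' "$1" 2>/dev/null |
        head -n 1 | cut -d/ -f2
}

# Return 0 if version $1 is in 1.2.0..1.2.44, 1 if outside, 2 if unparsable.
jk_is_affected() {
    IFS=. read -r jk_major jk_minor jk_patch <<EOF
$1
EOF
    case "$jk_major$jk_minor$jk_patch" in
        ''|*[!0-9]*) return 2 ;;   # empty, or extra/non-numeric components
    esac
    [ -n "$jk_major" ] && [ -n "$jk_minor" ] && [ -n "$jk_patch" ] || return 2
    [ "$jk_major" -eq 1 ] && [ "$jk_minor" -eq 2 ] && [ "$jk_patch" -le 44 ]
}

# Print a one-line verdict for the module file $1.
jk_report() {
    jk_ver=$(jk_version_from_file "$1")
    [ -n "$jk_ver" ] || { echo "unknown"; return 0; }
    jk_rc=0
    jk_is_affected "$jk_ver" || jk_rc=$?
    case "$jk_rc" in
        0) echo "$jk_ver affected" ;;
        1) echo "$jk_ver outside-affected-range" ;;
        *) echo "$jk_ver unparsable" ;;
    esac
}

# Usage: sh check_jk.sh /path/to/mod_jk.so   (path supplied by the operator)
for jk_file in "$@"; do
    printf '%s: %s\n' "$jk_file" "$(jk_report "$jk_file")"
done
```

A result of `unknown` means no banner was found, so the version has to be confirmed another way, for example from the package inventory listed in (2).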